Professionally Evil Application Security: Unveiling Server-Side Discovery and Exploitation with Kevin Johnson

Join us for the second course in the Professionally Evil Application Security series.

Designed to expand your expertise in vulnerability discovery, this course focuses on key concepts and techniques to identify and mitigate server-side vulnerabilities. Led by Secure Ideas’ experts, you’ll gain the knowledge and practical skills necessary to assess applications and their risk of malicious attacks.

Begin your journey with a comprehensive introduction, setting the stage for the exciting challenges ahead. Dive into the intricacies of discovery, as you explore various flaws within the server-side portions of the applications and APIs. Understand the significance of context and grasp the essential concepts related to flaws that can compromise server-side security.

Through hands-on exercises and real-world examples, you’ll delve into critical areas such as authentication and authorization, session fixation, redirects and forwards, injections, insecure deserialization, server-side request forgery (SSRF), and XML external entities. Uncover the techniques used by attackers to exploit these vulnerabilities and learn how to effectively counteract them.

Our expert instructors will guide you through each module, providing in-depth insights and practical knowledge to enhance your skills. Engage in stimulating discussions, participate in interactive labs, and gain valuable experience in vulnerability discovery within our cutting-edge test environment.

Enroll in Unveiling Server-Side Discovery and Exploitation today to fortify your application security arsenal and emerge as a proficient professional in the field. Together, we’ll navigate the intricate world of server-side vulnerabilities and empower you to protect applications with confidence and expertise. Check out our other Secure Ideas courses here.

Key Takeaways

• Provide a fundamental understanding of application penetration testing processes
• Gain a foundational understanding of common application pentesting tools
• Understand how to interact with applications to discover potential security vulnerabilities
• How validate findings and exploit common vulnerabilities
• How to effectively report on discovered vulnerabilities

Who Should Take This Course

• Penetration Testers
• IT Professional
• Developers
• Students

What Each Student Will Be Provided With

Each student will receive a PDF of the course material and virtual machine image.

All students attending the training will need a laptop and virtualization software, such as Virtual Box or Hyper-V, installed and ready to use. Virtual Machines will require at least 8GB of RAM and 40GB of hard drive space available.